• ホーム
  • ブログ
  • 2022年最新の実際に出る312-38問題集テストエンジン試験問題はここにある [Q31-Q48]

2022年最新の実際に出る312-38問題集テストエンジン試験問題はここにある [Q31-Q48]

Share

2022年最新の実際に出る312-38問題集テストエンジン試験問題はここにある

更新された公式資料は312-38認証済みの312-38問題集PDF

質問 31
Token Ring is standardized by which of the following IEEE standards?

  • A. 802.3
  • B. 802.4
  • C. 802.1
  • D. 802.2

正解: B

解説:
Explanation/Reference:

 

質問 32
Which of the following types of VPN uses the Internet as its main backbone, allowing users, customers, and branch offices to access corporate network resources across various network architectures?

  • A. Intranet-based VPN
  • B. Remote access VPN
  • C. PPTP VPN
  • D. Extranet-based VPN

正解: D

解説:
An extranet-based VPN uses the Internet as its main backbone network, allowing users, customers, and branch offices to access corporate network resources across various network architectures. Extranet VPNs are almost identical to intranet VPNs, except that they are intended for external business partners.
Answer option D is incorrect. An intranet-based VPN is an internal, TCP/IP-based, password-protected network usually implemented for networks within a common network infrastructure having various physical locations.
Intranet VPNs are secure VPNs that have strong encryption.
Answer option B is incorrect. A remote access VPN is one of the types of VPN that involves a single VPN gateway. It allows remote users and telecommuters to connect to their corporate LAN from various points of connections. It provides significant cost savings by reducing the burden of long distance charges associated with dial-up access. Its main security concern is authentication, rather than encryption. Answer option A is incorrect. The PPTP VPN is one of the types of VPN technology.

 

質問 33
Which of the following is a worldwide organization that aims to establish, refine, and promote Internet security standards?

  • A. IEEE
  • B. ITU
  • C. ANSI
  • D. WASC

正解: D

解説:
Web Application Security Consortium (WASC) is a worldwide organization that aims to establish, refine, and promote Internet security standards. WASC is vendor-neutral, although members may belong to corporations involved in the research, development, design, and distribution of Web security-related products.
Answer option A is incorrect. ANSI (American National Standards Institute) is the primary organization for fostering the development of technology standards in the United States. ANSI works with industry groups and is the U.S. member of the International Organization for Standardization (ISO) and the International Electro- technical Commission (IEC). Long-established computer standards from ANSI include the American Standard Code for Information Interchange (ASCII) and the Small Computer System Interface (SCSI).
Answer option D is incorrect. The International Telecommunication Union (ITU) is an organization established to standardize and regulate international radio and telecommunications. Its main tasks include standardization, allocation of the radio spectrum, and organizing interconnection arrangements between different countries to allow international phone calls. ITU sets standards for global telecom networks.
The ITU's telecommunications division (ITU-T) produces more than 200 standard recommendations each year in the converging areas of telecommunications, information technology, consumer electronics, broadcasting and multimedia communications. ITU was streamlined into the following three sectors:
ITU-D (Telecommunication Development)
ITU-R (Radio communication)
ITU-T (Telecommunication Standardization)
Answer option C is incorrect. The Institute of Electrical and Electronic Engineers (IEEE) is a society of technical professionals. It promotes the development and application of electro-technology and allied sciences. IEEE develops communications and network standards, among other activities. The organization publishes number of journals, has many local chapters, and societies in specialized areas.

 

質問 34
What is the location of honeypot on a network?

  • A. Honeynet
  • B. Hub
  • C. DMZ
  • D. Honeyfarm

正解: C

 

質問 35
In an Ethernet peer-to-peer network, which of the following cables is used to connect two computers, using RJ-
45 connectors and Category-5 UTP cable?

  • A. Serial
  • B. Crossover
  • C. Parallel
  • D. Loopback

正解: B

解説:
In an Ethernet peer-to-peer network, a crossover cable is used to connect two computers, using RJ-45 connectors and Category-5 UTP cable.
Answer options D and A are incorrect. Parallel and serial cables do not use RJ-45 connectors and Category-5 UTP cable. Parallel cables are used to connect printers, scanners etc., to computers, whereas serial cables are used to connect modems, digital cameras etc., to computers.
Answer option B is incorrect. A loopback cable is used for testing equipments.

 

質問 36
Which has the following fields IPv6 header is reduced by 1 for each router that sends a packet?

  • A. Flow label
  • B. None
  • C. Next header
  • D. traffic class
  • E. hop limit

正解: E

 

質問 37
Which of the following statements are TRUE about Demilitarized zone (DMZ)? Each correct answer represents a complete solution. Choose all that apply.

  • A. Demilitarized zone is a physical or logical sub-network that contains and exposes external services of an organization to a larger un-trusted network.
  • B. Hosts in the DMZ have full connectivity to specific hosts in the internal network.
  • C. In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network like the Internet.
  • D. The purpose of a DMZ is to add an additional layer of security to the Local Area Network of an organization.

正解: A,C,D

解説:
A demilitarized zone (DMZ) is a physical or logical subnetwork that contains and exposes external services of an organization to a larger network, usually the Internet. The purpose of a DMZ is to add an additional layer of security to an organization's Local Area Network (LAN); an external attacker only has access to equipment in the DMZ, rather than the whole of the network. Hosts in the DMZ have limited connectivity to specific hosts in the internal network, though communication with other hosts in the DMZ and to the external network is allowed.
This allows hosts in the DMZ to provide services to both the internal and external networks, while an intervening firewall controls the traffic between the DMZ servers and the internal network clients. In a DMZ configuration, most computers on the LAN run behind a firewall connected to a public network such as the Internet.

 

質問 38
The network administrator wants to strengthen physical security in the organization. Specifically, to implement a solution stopping people from entering certain restricted zones without proper credentials. Which of following physical security measures should the administrator use?

  • A. Video surveillance
  • B. Bollards
  • C. Mantrap
  • D. Fence

正解: D

 

質問 39
Timothy works as a network administrator in a multinational organization. He decides to implement a dedicated network for sharing storage resources. He uses a_______as it seperates the storage units from the servers and the user network.

  • A. NAS
  • B. SAN
  • C. SCSA
  • D. SAS

正解: B

 

質問 40
How is a "risk" represented?

  • A. Asset + threat
  • B. Motive (goal) + method + vulnerability
  • C. Motive (goal) + method
  • D. Asset + threat + vulnerability

正解: D

 

質問 41
John works as an Ethical Hacker for www.company.com Inc. He wants to find out the ports that are open in www.company.com's server using a port scanner. However, he does not want to establish a full TCP connection. Which of the following scanning techniques will he use to accomplish this task?

  • A. TCP SYN
  • B. TCP FIN
  • C. Xmas tree
  • D. TCP SYN/ACK

正解: A

解説:
According to the scenario, John does not want to establish a full TCP connection. Therefore, he will use the TCP SYN scanning technique. TCP SYN scanning is also known as half-open scanning because in this type of scanning, a full TCP connection is never opened. The steps of TCP SYN scanning are as follows:
1.The attacker sends a SYN packet to the target port.
2.If the port is open, the attacker receives the SYN/ACK message.
3.Now the attacker breaks the connection by sending an RST packet.
4.If the RST packet is received, it indicates that the port is closed.
This type of scanning is hard to trace because the attacker never establishes a full 3-way handshake connection and most sites do not create a log of incomplete TCP connections.
Answer option C is incorrect. In TCP SYN/ACK scanning, an attacker sends a SYN/ACK packet to the target port. If the port is closed, the victim assumes that this packet was mistakenly sent by the attacker, and sends the RST packet to the attacker. If the port is open, the SYN/ACK packet will be ignored and the port will drop the packet. TCP SYN/ACK scanning is stealth scanning, but some intrusion detection systems can detect TCP SYN/ACK scanning.
Answer option D is incorrect. TCP FIN scanning is a type of stealth scanning through which the attacker sends a FIN packet to the target port.
If the port is closed, the victim assumes that this packet was sent mistakenly by the attacker and sends the RST packet to the attacker. If the port is open, the FIN packet will be ignored and the port will drop that packet.
TCP FIN scanning is useful only for identifying ports of non-Windows operating systems because Windows operating systems send only RST packets irrespective of whether the port is open or closed.
Answer option B is incorrect. Xmas Tree scanning is just the opposite of null scanning. In Xmas Tree scanning, all packets are turned on. If the target port is open, the service running on the target port discards the packets without any reply. According to RFC 793, if the port is closed, the remote system replies with the RST packet.
Active monitoring of all incoming packets can help system network administrators detect an Xmas Tree scan.

 

質問 42
Which of the following is a type of scam that entices a user to disclose personal information?

  • A. Phishing
  • B. Smurfing
  • C. Sniffing
  • D. Spamming

正解: A

 

質問 43
John wants to implement a packet filtering firewall in his organization's network. What TCP/IP layer does a packet filtering firewall work on?

  • A. Application layer
  • B. TCP layer
  • C. Network Interface layer
  • D. IP layer

正解: D

 

質問 44
Which of the following is a software tool used in passive attacks for capturing network traffic?

  • A. Sniffer
  • B. Intrusion prevention system
  • C. Intrusion detection system
  • D. Warchalking

正解: A

解説:
A sniffer is a software tool that is used to capture any network traffic. Since a sniffer changes the NIC of the LAN card into promiscuous mode, the NIC begins to record incoming and outgoing data traffic across the network. A sniffer attack is a passive attack because the attacker does not directly connect with the target host.
This attack is most often used to grab logins and passwords from network traffic. Tools such as Ethereal, Snort, Windump, EtherPeek, Dsniff are some good examples of sniffers. These tools provide many facilities to users such as graphical user interface, traffic statistics graph, multiple sessions tracking, etc.
Answer option C is incorrect. An intrusion prevention system (IPS) is a network security device that monitors network and/or system activities for malicious or unwanted behavior and can react, in real-time, to block or prevent those activities. When an attack is detected, it can drop the offending packets while still allowing all other traffic to pass.
Answer option B is incorrect. An IDS (Intrusion Detection System) is a device or software application that monitors network and/or system activities for malicious activities or policy violations and produces reports to a Management Station. Intrusion prevention is the process of performing intrusion detection and attempting to stop detected possible incidents. Intrusion detection and prevention systems (IDPS) are primarily focused on identifying possible incidents, logging information about them, attempting to stop them, and reporting them to security administrators.
Answer option D is incorrect. Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi wireless network. Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such as a wall, the pavement, or a lamp post. The name warchalking is derived from the cracker terms war dialing and war driving.

 

質問 45
Which of the following is a standard protocol for interfacing external application software with an information server, commonly a Web server?

  • A. IP
  • B. DHCP
  • C. CGI
  • D. TCP

正解: C

解説:
The Common Gateway Interface (CGI) is a standard protocol for interfacing external application software with an information server, commonly a Web server. The task of such an information server is to respond to requests (in the case of web servers, requests from client web browsers) by returning output. When a user requests the name of an entry, the server will retrieve the source of that entry's page (if one exists), transform it into HTML, and send the result. Answer option A is incorrect. DHCP is a Dynamic Host Configuration Protocol that allocates unique (IP) addresses dynamically so that they can be used when no longer needed. A DHCP server is set up in a DHCP environment with the appropriate configuration parameters for the given network. The key parameters include the range or "pool" of available IP addresses, correct subnet masks, gateway, and name server addresses. Answer option B is incorrect. The Internet Protocol (IP) is a protocol used for communicating data across a packet-switched inter-network using the Internet Protocol Suite, also referred to as TCP/IP.IP is the primary protocol in the Internet Layer of the Internet Protocol Suite and has the task of delivering distinguished protocol datagrams (packets) from the source host to the destination host solely based on their addresses. For this purpose, the Internet Protocol defines addressing methods and structures for datagram encapsulation. The first major version of addressing structure, now referred to as Internet Protocol Version 4 (IPv4), is still the dominant protocol of the Internet, although the successor, Internet Protocol Version 6 (IPv6), is being deployed actively worldwide. Answer option D is incorrect. Transmission Control Protocol (TCP) is a reliable, connection-oriented protocol operating at the transport layer of the OSI model. It provides a reliable packet delivery service encapsulated within the Internet Protocol (IP). TCP guarantees the delivery of packets, ensures proper sequencing of data, and provides a checksum feature that validates both the packet header and its data for accuracy. If the network corrupts or loses a TCP packet during transmission, TCP is responsible for retransmitting the faulty packet. It can transmit large amounts of data. Application layer protocols, such as HTTP and FTP, utilize the services of TCP to transfer files between clients and servers.

 

質問 46
Which of the following can be performed with software or hardware devices in order to record everything a person types using his or her keyboard?

  • A. Keystroke logging
  • B. War dialing
  • C. IRC bot
  • D. Warchalking

正解: A

解説:
Keystroke logging is a method of logging and recording user keystrokes. It can be performed with software or hardware devices. Keystroke logging devices can record everything a person types using his or her keyboard, such as to measure employee's productivity on certain clerical tasks. These types of devices can also be used to get usernames, passwords, etc.
Answer option C is incorrect. War dialing is a technique of using a modem to automatically scan a list of telephone numbers, usually dialing every number in a local area code to search for computers, BBS systems, and fax machines. Hackers use the resulting lists for various purposes, hobbyists for exploration, and crackers (hackers that specialize in computer security) for password guessing.
Answer option A is incorrect. Warchalking is the drawing of symbols in public places to advertise an open Wi-Fi wireless network. Having found a Wi-Fi node, the warchalker draws a special symbol on a nearby object, such as a wall, the pavement, or a lamp post. The name warchalking is derived from the cracker terms war dialing and war driving.
Answer option D is incorrect. An Internet Relay Chat (IRC) bot is a set of scripts or an independent program that connects to Internet Relay Chat as a client, and so appears to other IRC users as another user. An IRC bot differs from a regular client in that instead of providing interactive access to IRC for a human user, it performs automated functions.

 

質問 47
Which of the following attacks combines dictionary and brute force attacks?

  • A. Phishing attack
  • B. Hybrid attack
  • C. Man-in-the-middle attack
  • D. Replay attack

正解: B

 

質問 48
......


EC-COUNCIL 312-38 認定試験の出題範囲:

トピック出題範囲
トピック 1
  • Threat Prediction with Cyber Threat Intelligence
  • Network Attacks and Defense Strategies
トピック 2
  • Enterprise Virtual Network Security
  • Data Security
トピック 3
  • Business Continuity and Disaster Recovery
  • Endpoint Security-Windows Systems
トピック 4
  • Risk Anticipation with Risk Management
  • Technical Network Security
トピック 5
  • Threat Assessment with Attack Surface Analysis
  • Administrative Network Security
トピック 6
  • Enterprise Wireless Network Security
  • Endpoint Security- Mobile Devices
トピック 7
  • Network Logs Monitoring and Analysis
  • Network Perimeter Security
トピック 8
  • Network Traffic Monitoring and Analysis
  • Administrative Application Security

 

最新版無料体験を掴み取れ!EC-COUNCIL 312-38問題集PDFは更新された:https://www.goshiken.com/EC-COUNCIL/312-38-mondaishu.html

最新リリースの312-38問題集はCertified Ethical Hacker認証済み:https://drive.google.com/open?id=1ns9loKpYhXLcj0HIdU1YKTlK9PZoKe9u

関するブログ

もっと
312-38無料問題集